def _call_operation_object(self, operation, object_type): context = self._get_mock_operation_context(object_type) if object_type in [odl_const.ODL_SG, odl_const.ODL_SG_RULE]: res_type = [ rt for rt in callback._RESOURCE_MAPPING.values() if rt.singular == object_type ][0] res_id = context[object_type]['id'] context_ = (copy.deepcopy(context) if operation != odl_const.ODL_DELETE else None) plugin_context = self.db_context if (object_type == odl_const.ODL_SG and operation in [odl_const.ODL_CREATE, odl_const.ODL_DELETE]): # TODO(yamahata): remove this work around once # https://review.openstack.org/#/c/281693/ # is merged. if operation == odl_const.ODL_CREATE: sg = securitygroup.SecurityGroup( id=res_id, name=context_[object_type]['name'], tenant_id=context_[object_type]['tenant_id'], description=context_[object_type]['description']) plugin_context.session.add(sg) sg_dict = dict(sg) sg_dict['security_group_rules'] = [] with self.db_session.begin(subtransactions=True): self.mech.sync_from_callback_precommit( plugin_context, operation, res_type, res_id, context_, security_group=sg_dict) if operation == odl_const.ODL_DELETE: with self.db_session.begin(subtransactions=True): self.mech.sync_from_callback_precommit( plugin_context, operation, res_type, res_id, context_, security_group={ 'security_group_rules': { 'id': SG_RULE_FAKE_ID } }, security_group_rule_ids=[SG_RULE_FAKE_ID]) else: with self.db_session.begin(subtransactions=True): self.mech.sync_from_callback_precommit( plugin_context, operation, res_type, res_id, context_) else: method = getattr(self.mech, '%s_%s_precommit' % (operation, object_type)) with self.db_session.begin(subtransactions=True): method(context)
def create_provider_security_group(self, context, security_group): """Create a provider security group. This method creates a security group that does not by default enable egress traffic which normal neutron security groups do. """ s = security_group['security_group'] tenant_id = s['tenant_id'] with db_api.autonested_transaction(context.session): security_group_db = securitygroups_db.SecurityGroup( id=s.get('id') or (uuidutils.generate_uuid()), description=s.get('description', ''), tenant_id=tenant_id, name=s.get('name', '')) context.session.add(security_group_db) secgroup_dict = self._make_security_group_dict(security_group_db) secgroup_dict[provider_sg.PROVIDER] = True return secgroup_dict
def _call_operation_object(self, operation, object_type): context = self._get_mock_operation_context(object_type) if object_type in [odl_const.ODL_SG, odl_const.ODL_SG_RULE]: plugin_context_mock = mock.Mock() plugin_context_mock.session = neutron_db_api.get_writer_session() res_type = [ rt for rt in callback._RESOURCE_MAPPING.values() if rt.singular == object_type ][0] res_id = context[object_type]['id'] context_ = (copy.deepcopy(context) if operation != odl_const.ODL_DELETE else None) if (object_type == odl_const.ODL_SG and operation in [odl_const.ODL_CREATE, odl_const.ODL_DELETE]): # TODO(yamahata): remove this work around once # https://review.openstack.org/#/c/281693/ # is merged. if operation == odl_const.ODL_CREATE: sg = securitygroup.SecurityGroup( id=res_id, name=context_[object_type]['name'], tenant_id=context_[object_type]['tenant_id'], description=context_[object_type]['description']) plugin_context_mock.session.add(sg) context_[odl_const.ODL_SG].pop('id', None) if operation == odl_const.ODL_DELETE: sg = mock.Mock() sg.rules = [] self.mech.sync_from_callback_precommit(plugin_context_mock, operation, res_type, res_id, context_, security_group=sg) else: self.mech.sync_from_callback_precommit(plugin_context_mock, operation, res_type, res_id, context_) else: method = getattr(self.mech, '%s_%s_precommit' % (operation, object_type)) method(context)
def create_security_group(self, context, security_group, default_sg=False): """Create security group. If default_sg is true that means we are a default security group for a given tenant if it does not exist. """ s = security_group['security_group'] kwargs = { 'context': context, 'security_group': s, 'is_default': default_sg, } self._registry_notify(resources.SECURITY_GROUP, events.BEFORE_CREATE, exc_cls=ext_sg.SecurityGroupConflict, **kwargs) tenant_id = s['tenant_id'] if not default_sg: self._ensure_default_security_group(context, tenant_id) else: existing_def_sg_id = self._get_default_sg_id(context, tenant_id) if existing_def_sg_id is not None: # default already exists, return it return self.get_security_group(context, existing_def_sg_id) with db_api.autonested_transaction(context.session): security_group_db = sg_models.SecurityGroup(id=s.get('id') or ( uuidutils.generate_uuid()), description=s['description'], tenant_id=tenant_id, name=s['name']) context.session.add(security_group_db) if default_sg: context.session.add(sg_models.DefaultSecurityGroup( security_group=security_group_db, tenant_id=security_group_db['tenant_id'])) for ethertype in ext_sg.sg_supported_ethertypes: if default_sg: # Allow intercommunication ingress_rule = sg_models.SecurityGroupRule( id=uuidutils.generate_uuid(), tenant_id=tenant_id, security_group=security_group_db, direction='ingress', ethertype=ethertype, source_group=security_group_db) context.session.add(ingress_rule) egress_rule = sg_models.SecurityGroupRule( id=uuidutils.generate_uuid(), tenant_id=tenant_id, security_group=security_group_db, direction='egress', ethertype=ethertype) context.session.add(egress_rule) self._registry_notify(resources.SECURITY_GROUP, events.PRECOMMIT_CREATE, exc_cls=ext_sg.SecurityGroupConflict, **kwargs) secgroup_dict = self._make_security_group_dict(security_group_db) kwargs['security_group'] = secgroup_dict registry.notify(resources.SECURITY_GROUP, events.AFTER_CREATE, self, **kwargs) return secgroup_dict
def _populate_neutron_db(self): self.plugin.create_network(self.ctx, {"network": { "tenant_id": self.tenant_id, "id": self.net_id, "shared": False, "name": "test_net_1", "admin_state_up": True, "description": "" }}) self.plugin.create_subnetpool(self.ctx, {"subnetpool": { "tenant_id": self.tenant_id, "id": self.ip_pool_id, "name": "default_test_pool", "prefixes": ["192.168.0.0", "192.168.1.0", "192.168.2.0"], # "min_prefix": 16, "min_prefixlen": 16, # "max_prefix": "", "max_prefixlen": 32, # "default_prefix": "", "default_prefixlen": 32, # "default_quota": "", # "address_scope_id": "", "is_default": True, "shared": True, "description": "" }}) self.plugin.create_port(self.ctx, {"port": { "tenant_id": self.tenant_id, "name": "test_port_1", "id": self.port_id_1, "network_id": self.net_id, "fixed_ips": constants.ATTR_NOT_SPECIFIED, "admin_state_up": True, "device_id": "123", "device_owner": "admin", "description": "" }}) self.plugin.create_port(self.ctx, {"port": { "tenant_id": self.tenant_id, "name": "test_port_2", "id": self.port_id_2, "network_id": self.net_id, "fixed_ips": constants.ATTR_NOT_SPECIFIED, "admin_state_up": True, "device_id": "1234", "device_owner": "admin", "description": "" }}) subnet = self.plugin.create_subnet(self.ctx, {"subnet": { "tenant_id": self.tenant_id, "name": "subnet_192_168", "cidr": "192.168.0.0/32", "ip_version": 4, "network_id": self.net_id, "subnetpool_id": self.ip_pool_id, "allocation_pools": [], "enable_dhcp": True, "dns_nameservers": [], "host_routes": [] }}) neutron_db = [ ml2_models.PortBinding( port_id=self.port_id_1, host=self.host, vif_type="ovs" ), ml2_models.PortBindingLevel( port_id=self.port_id_1, host=self.host, driver=nsxv3_constants.NSXV3, level=1 ), models_v2.IPAllocation( port_id=self.port_id_1, ip_address="192.168.0.100", subnet_id=subnet.get("id"), network_id=self.net_id ), QosPolicy( id=self.qos_id_1, project_id=self.tenant_id, name="Test_QOS_1" ), trunk_model.Trunk( id=self.trunk_id_1, project_id=self.tenant_id, name="test_trunk_1", port_id=self.port_id_1 ), sg_model.SecurityGroup( id=self.sg_id_1, project_id=self.tenant_id, name="test_sg_1", ) ] with self.session.begin(subtransactions=True): for entry in neutron_db: self.session.add(entry)